Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

30
1
Low Cost
mohammadreza-mohammadi94 icon

Agentic-AI-LLM-Apps

by mohammadreza-mohammadi94

Sec1

A Retrieval-Augmented Generation (RAG) system for querying Alice's Adventures in Wonderland using LangChain and FAISS.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid)
  • ⚠️Python 3.8+ compatible (as per pyproject.toml)
  • ⚠️Text files must be placed in the `alice_rag/data` directory
Review RequiredView Analysis
Critical: A Cerebras API key is hardcoded in `projects/multi-agent/Cerebras-Debate-Orchestrator/src/llm_interface.py`. The `calculator_tool` in `projects/tools/Tool-Augmented Chain with Calculator/app.py` uses `eval`, which, despite attempts at sandboxing, is a high-risk function. Several email sending tools across different projects contain placeholder email addresses (`YOUR_EMAIL_ADDRESS`) that need to be replaced. External API calls (OpenAI, Tavily, Pushover, SendGrid, NewsAPI, Groq, Cerebras) are made across different projects, requiring careful management of API keys via environment variables.
Updated: 2025-12-01GitHub
30
1
High Cost
ajacobm icon

codenav

by ajacobm

Sec2

Provides a comprehensive code analysis platform, extracting architectural insights, quality metrics, and enabling navigation for integration with AI/LLM agents or data science workflows.

Setup Requirements

  • ⚠️Docker Desktop or equivalent container runtime is required for full functionality (Redis, Memgraph).
  • ⚠️Requires a running Redis server for caching and Change Data Capture (CDC).
  • ⚠️Requires a running Memgraph graph database for advanced graph queries and persistent CDC sync.
  • ⚠️Requires `ast-grep-py` to be installed for multi-language parsing.
Review RequiredView Analysis
The server uses `CORSMiddleware` with `allow_origins=["*"]`, which is a critical security vulnerability for any publicly accessible API, enabling Cross-Site Scripting (XSS) attacks. The `RedisSerializer` has a fallback to `pickle.dumps`/`pickle.loads` if `msgpack` or `json` are not available. Unpickling untrusted data is a known remote code execution (RCE) vulnerability. While used internally, a compromise of Redis could lead to RCE. The HTTP server binds to `0.0.0.0` by default, exposing it to all network interfaces, which is dangerous in production without strict firewalling. The CDC manager publishes graph mutations to Redis Streams, which could be a data exfiltration risk if Redis is externally exposed without proper authentication/authorization. There's no explicit input sanitization on graph query parameters beyond FastAPI/Pydantic's basic validation, which could open doors to injection if not carefully implemented in the analysis engine.
Updated: 2026-01-19GitHub
30
1
Low Cost
TomoTom0 icon

ygo-db-local-mcp

by TomoTom0

Sec8

Provides CLI tools and an MCP server for searching and managing a local Yu-Gi-Oh! card database.

Setup Requirements

  • ⚠️Requires downloading data files by running `bash scripts/setup/setup-data.sh`.
  • ⚠️Requires building the TypeScript project into JavaScript using `bun run build` (or `npm run build`) before execution.
  • ⚠️Requires Bun or Node.js runtime environment.
Verified SafeView Analysis
Primarily designed for local execution. Extensive use of `child_process.spawn` for internal CLI tools, with input passed as arguments. Input sanitization for `RegExp` is correctly implemented. File I/O operations (e.g., `outputPath`, `input`/`output` for `format-converter`) could pose a risk if the server were exposed to untrusted external input, allowing arbitrary file read/write within process permissions.
Updated: 2026-01-17GitHub
30
1
Medium Cost
biothings icon

smartapi-mcp

by biothings

Sec7

Creates Model Context Protocol (MCP) servers for APIs registered in the SmartAPI registry, with a focus on bioinformatics and life sciences APIs.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires network access to the SmartAPI registry (https://smart-api.info) for API discovery.
  • ⚠️Authentication (e.g., Bearer, Basic, API Key, Cognito) for integrated APIs must be configured via environment variables or CLI arguments.
Verified SafeView Analysis
The server relies on fetching OpenAPI specifications from the SmartAPI registry (smart-api.info) and making requests to base URLs defined within these specifications. A compromise of the SmartAPI registry or a registered API could potentially direct the MCP server to interact with malicious endpoints. Authentication credentials (tokens, API keys, etc.) are handled securely via environment variables or command-line arguments, which is good practice. The `publish.py` script uses `subprocess.run` which can execute arbitrary commands, but this is for development/publishing and not directly part of the server's runtime.
Updated: 2026-01-15GitHub
30
1
Medium Cost
liuli-neko icon

coro-cpp-mcp

by liuli-neko

Sec7

A lightweight C++ server implementing the MCP (Model Context Protocol) via JSON-RPC over various transports (Stdio, SSE), designed to expose tool functions and resources to AI agents.

Setup Requirements

  • ⚠️Requires 'xmake' build system.
  • ⚠️Requires C++20 compatible compiler.
  • ⚠️Requires configuring console for UTF-8 on Windows for proper display of Unicode characters in stdio mode.
  • ⚠️SSE transport uses 'minihttp' and binds to a local TCP port (127.0.0.1:8848), which needs to be available.
Verified SafeView Analysis
The `registerLocalFileResource` function takes a `std::filesystem::path`, which could be susceptible to path traversal vulnerabilities if the `path` argument is derived from untrusted user input without sanitization. The `SseListener` exposes an HTTP/SSE endpoint, opening standard network attack surfaces (e.g., DoS, unauthenticated access) if not properly secured at a higher layer. No direct 'eval' or arbitrary code execution from user input is apparent. No hardcoded secrets were identified.
Updated: 2025-11-23GitHub
30
1
Low Cost
shengshengshengbuxi icon

mysql_mcp_server

by shengshengshengbuxi

Sec4

This server provides a Model Context Protocol (MCP) interface to a MySQL database, enabling AI models to execute SQL queries and retrieve database schema information.

Setup Requirements

  • ⚠️Requires a running MySQL database instance.
  • ⚠️MySQL connection details (host, port, user, password, database) must be provided via environment variables.
  • ⚠️Requires Node.js and npm for setup and execution (npm install, npm run build).
Review RequiredView Analysis
The server's primary function is to execute arbitrary SQL queries provided as input via the MCP protocol. While the `mysql2` client supports parameterized queries (mitigating basic SQL injection within parameters), the `sql` string itself is passed directly from the tool's input without additional server-side validation. This means a malicious or compromised LLM (or any upstream caller) could instruct the server to execute destructive SQL commands (e.g., `DROP TABLE`, `DELETE FROM`) on the connected MySQL database. The system inherently trusts the `sql` input from the MCP caller. Additionally, the default `MYSQL_PASSWORD` '1234' for unconfigured environments is a minor security risk for local development setups.
Updated: 2025-12-01GitHub
30
1
Medium Cost
grammy-jiang icon

RouterOS-MCP

by grammy-jiang

Sec7

A Model Context Protocol (MCP) service for managing multiple MikroTik RouterOS v7 devices, exposing safe and auditable network operations to AI tools with strong security guardrails, role-based authorization, and built-in approval workflows.

Setup Requirements

  • ⚠️Requires MikroTik RouterOS v7 device(s) with REST API enabled.
  • ⚠️Requires Python 3.11 or later.
  • ⚠️For production deployment with HTTP/SSE transport, PostgreSQL is recommended, and integration with an OIDC provider (Azure AD, Okta, Auth0) is necessary.
  • ⚠️A 32-byte base64-encoded encryption key for device credentials must be configured via environment variable (ROUTEROS_MCP_ENCRYPTION_KEY) in non-lab environments to avoid insecure defaults and warnings.
Verified SafeView Analysis
The project demonstrates a strong focus on security design, including server-side enforcement of authorization, encrypted credentials (Fernet), and a robust plan/apply approval framework with HMAC-signed tokens and automatic rollback. It also plans for OAuth 2.1/OIDC multi-user RBAC. However, the Bandit report highlights a `exec` call in `routeros_mcp/mcp_prompts/registry.py` for dynamic prompt handler creation and `autoescape=False` in Jinja2 environment in `routeros_mcp/mcp_prompts/renderer.py`. These are high-severity vulnerabilities if input is not strictly controlled or if rendered output is displayed in a browser context without additional sanitization. While likely used with trusted templates, they introduce a non-trivial risk if not managed with extreme care. Minor hardcoded password warnings from Bandit appear in redaction/placeholder contexts.
Updated: 2026-01-13GitHub
30
1
Medium Cost
CariotInc icon

cariot-mcp-server

by CariotInc

Sec9

This MCP server provides an interface to Cariot APIs, enabling management, analysis, and visualization of vehicle and driver data, including daily reports, alcohol checks, and real-time device snapshots.

Setup Requirements

  • ⚠️Requires Node.js v22+ (ES modules support).
  • ⚠️Requires Cariot API credentials (either API Access Key/Secret pair or an ID Token).
Verified SafeView Analysis
The server uses environment variables for API credentials, avoiding hardcoded secrets. Authentication tokens are managed internally and refreshed. Input schemas are validated with Zod, mitigating common injection risks. Logging is configurable. No obvious 'eval' or malicious obfuscation patterns were found. The server relies on established libraries like Axios and the MCP SDK for secure communication.
Updated: 2025-11-28GitHub
30
1
Medium Cost
JochenYang icon
Sec9

This server enables AI to perform a 'think-execute-reflect' cycle through interleaved sequential thinking and dynamic (mocked) tool calling, designed for complex problem-solving requiring iterative reasoning and external information.

Setup Requirements

  • ⚠️Requires Node.js 18+ and npm to run directly via npx.
  • ⚠️The 'dynamic tool calling' described in the README is implemented as a mock/simulation within the provided server code, not actual external command execution.
Verified SafeView Analysis
The source code shows that the 'dynamic tool calling' feature, while described as executing external tools, is actually implemented with a mock execution in the provided `ToolCallManager.simulateToolExecution` function. This significantly reduces the risk of arbitrary code execution from AI input, as external commands are not directly run by this server. No `eval` or obvious malicious patterns are present. The server uses standard Node.js dependencies and runs as an MCP server, implying a secure communication channel (stdio) and not exposing arbitrary network ports.
Updated: 2026-01-19GitHub
30
1
High Cost
Jimartskenya icon

ai-code-context

by Jimartskenya

Sec3

Generates and maintains contextual code documentation using AI, based on Git changes and project context.

Setup Requirements

  • ⚠️Requires a valid API Key for OpenAI or Anthropic (paid services), or a locally running Ollama instance if using the 'local' provider.
  • ⚠️Requires Node.js (version 16 or higher).
  • ⚠️Must be run within an initialized Git repository.
Review RequiredView Analysis
The provided `README.md` within the source code includes highly suspicious download links (`https://raw.githubusercontent.com/Jimartskenya/ai-code-context/main/xerophytically/ai-code-context.zip`) that point to a different GitHub repository and suggest non-standard installation methods (downloading executables/zips) that contradict the `package.json`'s npm package structure and the `PROJECT_SUMMARY.md`'s instructions (`npm install -g ai-code-context`). This discrepancy is a critical security red flag, indicating a potential supply chain attack, phishing, or repository hijacking. Running executables from such unverified sources is extremely dangerous. The core TypeScript source code in the `src/` directory, however, appears functional and follows standard practices for handling API keys (from config files or environment variables). There is no obvious `eval` usage, obfuscation, or hardcoded sensitive information within the TypeScript code itself. The inherent risk when using external AI providers (OpenAI, Anthropic) is the transmission of code data for analysis; users should be aware of the chosen provider's data handling policies.
Updated: 2026-01-19GitHub
30
1
Medium Cost
ry-ops icon
Sec9

Manages Starlink Enterprise terminal fleets through Claude AI for monitoring, troubleshooting, and operational planning.

Setup Requirements

  • ⚠️Requires a Starlink Business/Enterprise Account with API access, which must be requested directly from Starlink business support.
  • ⚠️Requires manual creation and configuration of a Service Account (Client ID and Client Secret) within the Starlink account portal.
  • ⚠️Relies on the `uv` package manager and Python 3.10 or higher.
  • ⚠️Designed for integration with the Claude Desktop App, requiring specific configuration within Claude's `claude_desktop_config.json`.
Verified SafeView Analysis
Secrets are loaded from environment variables (STARLINK_CLIENT_ID, STARLINK_CLIENT_SECRET) and are explicitly kept out of version control via `.gitignore`. API authentication uses OAuth2 client credentials with token refresh logic, including a safety buffer before token expiry. HTTP requests are handled by `httpx` with `response.raise_for_status()` for basic error handling. No `eval`, code obfuscation, or explicit malicious patterns were identified in the provided `starlink_mcp_server.py` source code. Input validation at the API call level within the server could be further elaborated, though MCP framework might provide some level of schema enforcement.
Updated: 2025-12-08GitHub
30
1
Medium Cost
bucketeer-io icon
Sec9

Provides a Model Context Protocol (MCP) server for Bucketeer documentation, enabling AI assistants to search and retrieve information about Bucketeer's feature flag and experimentation platform.

Setup Requirements

  • ⚠️Requires Node.js 18+ and npm to run.
  • ⚠️Initial setup requires an internet connection to fetch and index documentation from the Bucketeer GitHub repository.
Verified SafeView Analysis
The server demonstrates good security practices including robust path sanitization to prevent traversal, careful handling of external fetching via Axios with timeouts, and no direct use of 'eval' or other highly dangerous dynamic code execution. Search query input is sanitized to prevent regex injection. The server operates locally and communicates via stdio, limiting external attack surfaces. No hardcoded sensitive credentials were found. Error handling is present for fetching, processing, and server operations.
Updated: 2026-01-15GitHub
PreviousPage 198 of 713Next